Removing workaround with MailPasswordReset
parent
076a84764e
commit
0236dc00d6
|
@ -4,7 +4,7 @@ use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use XML::LibXML;
|
use XML::LibXML;
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
# XML parser
|
# XML parser
|
||||||
has parser => (
|
has parser => (
|
||||||
|
|
|
@ -19,11 +19,12 @@ use Lemonldap::NG::Common::PSGI::Constants;
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Conf::AccessLib',
|
extends qw(
|
||||||
'Lemonldap::NG::Handler::PSGI::Router';
|
Lemonldap::NG::Handler::PSGI::Router
|
||||||
|
Lemonldap::NG::Common::Conf::AccessLib
|
||||||
|
);
|
||||||
|
|
||||||
has csp => ( is => 'rw' );
|
has csp => ( is => 'rw' );
|
||||||
|
|
||||||
has loadedPlugins => ( is => 'rw', default => sub { [] } );
|
has loadedPlugins => ( is => 'rw', default => sub { [] } );
|
||||||
has hLoadedPlugins => ( is => 'rw', default => sub { {} } );
|
has hLoadedPlugins => ( is => 'rw', default => sub { {} } );
|
||||||
|
|
||||||
|
|
|
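Review bot: The rewritten `extends qw(...)` list swaps the parent order: `Lemonldap::NG::Handler::PSGI::Router` now precedes `Lemonldap::NG::Common::Conf::AccessLib`, whereas the old statement listed AccessLib first. If both parents define a method with the same name, a different implementation is now resolved, and the commit title does not mention this. The later `extends` rewrites in this commit reorder parents in the same way (the Session::REST / Conf::RESTServer and PSGI::Router / AccessLib pairs). If the order is intended, record it above the list, e.g. `# parent order matters: Router methods take precedence over AccessLib`.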
@ -1,7 +1,7 @@
|
||||||
package Lemonldap::NG::Manager::2ndFA;
|
package Lemonldap::NG::Manager::2ndFA;
|
||||||
|
|
||||||
use utf8;
|
|
||||||
use strict;
|
use strict;
|
||||||
|
use utf8;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
|
||||||
use Lemonldap::NG::Common::Session;
|
use Lemonldap::NG::Common::Session;
|
||||||
|
@ -9,8 +9,6 @@ use Lemonldap::NG::Common::Conf::Constants;
|
||||||
use Lemonldap::NG::Common::PSGI::Constants;
|
use Lemonldap::NG::Common::PSGI::Constants;
|
||||||
use Lemonldap::NG::Common::Conf::ReConstants;
|
use Lemonldap::NG::Common::Conf::ReConstants;
|
||||||
|
|
||||||
use feature 'state';
|
|
||||||
|
|
||||||
extends qw(
|
extends qw(
|
||||||
Lemonldap::NG::Manager::Plugin
|
Lemonldap::NG::Manager::Plugin
|
||||||
Lemonldap::NG::Common::Session::REST
|
Lemonldap::NG::Common::Session::REST
|
||||||
|
|
|
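Review bot: Dropping `use feature 'state';` is only safe if no `state` declaration remains in this package, and the hunk shows only the file header, so that cannot be confirmed from here. The same removal is made in several other modules in this commit. One of them keeps the line as `#use feature 'state';`, which should be deleted rather than left commented out.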
@ -5,12 +5,6 @@ use strict;
|
||||||
use utf8;
|
use utf8;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
|
||||||
extends qw(
|
|
||||||
Lemonldap::NG::Manager::Plugin
|
|
||||||
Lemonldap::NG::Common::Session::REST
|
|
||||||
Lemonldap::NG::Common::Conf::RESTServer
|
|
||||||
);
|
|
||||||
|
|
||||||
use Lemonldap::NG::Manager::Api::2F;
|
use Lemonldap::NG::Manager::Api::2F;
|
||||||
use Lemonldap::NG::Manager::Api::Misc;
|
use Lemonldap::NG::Manager::Api::Misc;
|
||||||
use Lemonldap::NG::Manager::Api::Providers::OidcRp;
|
use Lemonldap::NG::Manager::Api::Providers::OidcRp;
|
||||||
|
@ -19,6 +13,12 @@ use Lemonldap::NG::Manager::Api::Providers::CasApp;
|
||||||
use Lemonldap::NG::Manager::Api::Menu::Cat;
|
use Lemonldap::NG::Manager::Api::Menu::Cat;
|
||||||
use Lemonldap::NG::Manager::Api::Menu::App;
|
use Lemonldap::NG::Manager::Api::Menu::App;
|
||||||
|
|
||||||
|
extends qw(
|
||||||
|
Lemonldap::NG::Manager::Plugin
|
||||||
|
Lemonldap::NG::Common::Conf::RESTServer
|
||||||
|
Lemonldap::NG::Common::Session::REST
|
||||||
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
#############################
|
#############################
|
||||||
|
|
|
@ -86,16 +86,11 @@ sub _getSessionDBState {
|
||||||
|
|
||||||
# Handle DBI-type session stores
|
# Handle DBI-type session stores
|
||||||
if ( $fakeobj->{object_store}->isa("Apache::Session::Store::DBI") ) {
|
if ( $fakeobj->{object_store}->isa("Apache::Session::Store::DBI") ) {
|
||||||
#
|
|
||||||
# The 'connection' method will fail if the DB is unreachable
|
# The 'connection' method will fail if the DB is unreachable
|
||||||
# this is good enough a test for now
|
# this is good enough a test for now
|
||||||
eval { $fakeobj->{object_store}->connection($fakeobj) };
|
eval { $fakeobj->{object_store}->connection($fakeobj) };
|
||||||
if ($@) {
|
return $@ ? 0 : 1;
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Handle MongoDB
|
# Handle MongoDB
|
||||||
|
@ -106,17 +101,11 @@ sub _getSessionDBState {
|
||||||
$fakeobj->{object_store}->connection($fakeobj);
|
$fakeobj->{object_store}->connection($fakeobj);
|
||||||
$fakeobj->{object_store}->{collection}->estimated_document_count;
|
$fakeobj->{object_store}->{collection}->estimated_document_count;
|
||||||
};
|
};
|
||||||
if ($@) {
|
return $@ ? 0 : 1;
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# We don't know
|
# We don't know
|
||||||
return 2;
|
return 2;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sub _getObjectSessionModule {
|
sub _getObjectSessionModule {
|
||||||
|
|
|
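Review bot: `return $@ ? 0 : 1;` derives the backend state from `$@` alone, and `$@` can be reset between the failing call and the test (for example by an `eval` run from a destructor on older perls), in which case an unreachable session store is reported as reachable. Have the eval block return a true value and test that instead, e.g. for the DBI branch `return eval { $fakeobj->{object_store}->connection($fakeobj); 1 } ? 1 : 0;`. The MongoDB branch in the second hunk uses the same pattern and needs the same change. `_getSessionDBState` starts above the first hunk.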
@ -17,12 +17,12 @@ use Convert::PEM;
|
||||||
use URI::URL;
|
use URI::URL;
|
||||||
use Net::SSLeay;
|
use Net::SSLeay;
|
||||||
|
|
||||||
use feature 'state';
|
extends qw(
|
||||||
|
Lemonldap::NG::Manager::Plugin
|
||||||
|
Lemonldap::NG::Common::Conf::RESTServer
|
||||||
|
);
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Manager::Plugin',
|
our $VERSION = '2.0.10';
|
||||||
'Lemonldap::NG::Common::Conf::RESTServer';
|
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
|
||||||
|
|
||||||
#############################
|
#############################
|
||||||
# I. INITIALIZATION METHODS #
|
# I. INITIALIZATION METHODS #
|
||||||
|
@ -315,7 +315,8 @@ sub prx {
|
||||||
|
|
||||||
sub getConfByNum {
|
sub getConfByNum {
|
||||||
my ( $self, $cfgNum, @args ) = @_;
|
my ( $self, $cfgNum, @args ) = @_;
|
||||||
unless ( %{ $self->currentConf }
|
unless ($self->currentConf
|
||||||
|
and %{ $self->currentConf }
|
||||||
and $cfgNum == $self->currentConf->{cfgNum} )
|
and $cfgNum == $self->currentConf->{cfgNum} )
|
||||||
{
|
{
|
||||||
my $tmp;
|
my $tmp;
|
||||||
|
|
|
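Review bot: The added `$self->currentConf` guard stops an undefined value from being dereferenced, but the condition now calls the accessor three times and nothing says when `currentConf` can be unset. Read it once with `my $cur = $self->currentConf;`, test `$cur and %$cur and $cfgNum == $cur->{cfgNum}`, and add a comment such as `# currentConf may be undef before the first configuration load` if that is the case being handled. The opening `unless ($self->currentConf` also departs from the `( ... )` spacing used on the surrounding lines. `getConfByNum` continues below the hunk.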
@ -2,6 +2,7 @@ package Lemonldap::NG::Manager::Conf::Tests;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use utf8;
|
use utf8;
|
||||||
|
use strict;
|
||||||
use Lemonldap::NG::Common::Regexp;
|
use Lemonldap::NG::Common::Regexp;
|
||||||
use Lemonldap::NG::Handler::Main;
|
use Lemonldap::NG::Handler::Main;
|
||||||
use Lemonldap::NG::Common::Util qw(getSameSite);
|
use Lemonldap::NG::Common::Util qw(getSameSite);
|
||||||
|
|
|
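Review bot: The `use strict;` added after `use utf8;` duplicates the `use strict;` two lines above it, so the new line has no effect and can be dropped. If the intent was to turn on warnings for this package, the line to add is `use warnings;`.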
@ -1,5 +1,7 @@
|
||||||
package Lemonldap::NG::Manager::Conf::Zero;
|
package Lemonldap::NG::Manager::Conf::Zero;
|
||||||
|
|
||||||
|
use strict;
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
our $VERSION = '2.0.9';
|
||||||
|
|
||||||
sub zeroConf {
|
sub zeroConf {
|
||||||
|
|
|
@ -12,15 +12,13 @@ use Lemonldap::NG::Common::PSGI::Constants;
|
||||||
use Lemonldap::NG::Common::Conf::ReConstants;
|
use Lemonldap::NG::Common::Conf::ReConstants;
|
||||||
require Lemonldap::NG::Common::Notifications;
|
require Lemonldap::NG::Common::Notifications;
|
||||||
|
|
||||||
use feature 'state';
|
|
||||||
|
|
||||||
extends qw(
|
extends qw(
|
||||||
Lemonldap::NG::Manager::Plugin
|
Lemonldap::NG::Manager::Plugin
|
||||||
Lemonldap::NG::Common::Conf::AccessLib
|
|
||||||
Lemonldap::NG::Common::PSGI::Router
|
Lemonldap::NG::Common::PSGI::Router
|
||||||
|
Lemonldap::NG::Common::Conf::AccessLib
|
||||||
);
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
has notifAccess => ( is => 'rw' );
|
has notifAccess => ( is => 'rw' );
|
||||||
has notifFormat => ( is => 'rw' );
|
has notifFormat => ( is => 'rw' );
|
||||||
|
|
|
@ -2,7 +2,8 @@ package Lemonldap::NG::Manager::Plugin;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
our $VERSION = '2.0.8';
|
|
||||||
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Module';
|
extends 'Lemonldap::NG::Common::Module';
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
package Lemonldap::NG::Manager::Sessions;
|
package Lemonldap::NG::Manager::Sessions;
|
||||||
|
|
||||||
use utf8;
|
|
||||||
use strict;
|
use strict;
|
||||||
|
use utf8;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
|
||||||
use Lemonldap::NG::Common::Session;
|
use Lemonldap::NG::Common::Session;
|
||||||
|
@ -11,11 +11,13 @@ use Lemonldap::NG::Common::PSGI::Constants;
|
||||||
use Lemonldap::NG::Common::Conf::ReConstants;
|
use Lemonldap::NG::Common::Conf::ReConstants;
|
||||||
use Lemonldap::NG::Common::IPv6;
|
use Lemonldap::NG::Common::IPv6;
|
||||||
|
|
||||||
use feature 'state';
|
#use feature 'state';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Manager::Plugin',
|
extends qw(
|
||||||
'Lemonldap::NG::Common::Conf::AccessLib',
|
Lemonldap::NG::Manager::Plugin
|
||||||
'Lemonldap::NG::Common::Session::REST';
|
Lemonldap::NG::Common::Session::REST
|
||||||
|
Lemonldap::NG::Common::Conf::AccessLib
|
||||||
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
|
|
|
@ -7,14 +7,12 @@ use Lemonldap::NG::Common::Conf::Constants;
|
||||||
use Lemonldap::NG::Common::UserAgent;
|
use Lemonldap::NG::Common::UserAgent;
|
||||||
use URI::URL;
|
use URI::URL;
|
||||||
|
|
||||||
use feature 'state';
|
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Manager::Conf';
|
extends 'Lemonldap::NG::Manager::Conf';
|
||||||
|
|
||||||
has diffRule => ( is => 'rw', default => sub { 0 } );
|
has diffRule => ( is => 'rw', default => sub { 0 } );
|
||||||
has brwRule => ( is => 'rw', default => sub { 0 } );
|
has brwRule => ( is => 'rw', default => sub { 0 } );
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.0.10';
|
||||||
|
|
||||||
#############################
|
#############################
|
||||||
# I. INITIALIZATION METHODS #
|
# I. INITIALIZATION METHODS #
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Data::Dumper;
|
use Data::Dumper;
|
||||||
use 5.10.0;
|
|
||||||
use_ok('Lemonldap::NG::Manager::Cli::Lib');
|
use_ok('Lemonldap::NG::Manager::Cli::Lib');
|
||||||
|
|
||||||
our $client;
|
our $client;
|
||||||
|
|
|
@ -29,25 +29,19 @@ sub confirm {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub modifyPassword {
|
sub modifyPassword {
|
||||||
my ( $self, $req, $pwd ) = @_;
|
my ( $self, $req, $pwd, $useMail ) = @_;
|
||||||
my $dn = $req->data->{dn} || $req->sessionInfo->{_dn};
|
my $dn = $req->data->{dn} || $req->sessionInfo->{_dn};
|
||||||
unless ($dn) {
|
unless ($dn) {
|
||||||
$self->logger->error('"dn" is not set, aborting password modification');
|
$self->logger->error('"dn" is not set, abort password modification');
|
||||||
return PE_ERROR;
|
return PE_ERROR;
|
||||||
}
|
}
|
||||||
my $rule = $self->p->HANDLER->buildSub(
|
|
||||||
$self->p->HANDLER->substitute(
|
|
||||||
$self->conf->{portalRequireOldPassword}
|
|
||||||
)
|
|
||||||
);
|
|
||||||
unless ($rule) {
|
|
||||||
my $error = $self->p->HANDLER->tsv->{jail}->error || '???';
|
|
||||||
}
|
|
||||||
my $requireOldPassword = (
|
my $requireOldPassword = (
|
||||||
$req->userData
|
$req->userData
|
||||||
? $rule->( $req, $req->userData )
|
? $self->requireOldPwdRule->( $req, $req->userData )
|
||||||
: $rule->( $req, $req->sessionInfo )
|
: $self->requireOldPwdRule->( $req, $req->sessionInfo )
|
||||||
);
|
);
|
||||||
|
$requireOldPassword = 0 if $useMail;
|
||||||
|
|
||||||
# Ensure connection is valid
|
# Ensure connection is valid
|
||||||
$self->bind;
|
$self->bind;
|
||||||
|
|
|
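Review bot: `$requireOldPassword = 0 if $useMail;` lets a positional boolean switch off the old-password requirement, and nothing in the signature or near it states what the caller must have verified before passing it. Add a comment above the sub, e.g. `# $useMail: set only after a mail reset token has been validated; disables the old-password check`, so that a later caller does not pass a true value from an ordinary authenticated-session path. The rule is also still evaluated and then discarded when `$useMail` is set; wrapping the existing expression as `$useMail ? 0 : ( ... )` avoids that. The second `modifyPassword` changed in this commit has the same pattern, and this one's log text now reads 'abort password modification' while the other keeps 'aborting'; the sub continues below the hunk.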
@ -21,8 +21,19 @@ our $VERSION = '2.0.10';
|
||||||
|
|
||||||
# INITIALIZATION
|
# INITIALIZATION
|
||||||
|
|
||||||
|
has requireOldPwdRule => ( is => 'rw' );
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
$_[0]->p->{_passwordDB} = $_[0];
|
my ($self) = shift;
|
||||||
|
$self->requireOldPwdRule(
|
||||||
|
$self->p->buildRule(
|
||||||
|
$self->conf->{portalRequireOldPassword},
|
||||||
|
'portalRequireOldPassword'
|
||||||
|
)
|
||||||
|
);
|
||||||
|
return 0 unless $self->requireOldPwdRule;
|
||||||
|
|
||||||
|
$self->p->{_passwordDB} = $self;
|
||||||
}
|
}
|
||||||
|
|
||||||
# INTERFACE
|
# INTERFACE
|
||||||
|
|
|
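Review bot: `return 0 unless $self->requireOldPwdRule;` leaves `init` without registering `_passwordDB` and without any log line in this sub, so unless `buildRule` reports the error itself, an invalid `portalRequireOldPassword` expression fails with no trace. Log before returning, e.g. `$self->logger->error('Bad portalRequireOldPassword rule');`, and end the success path with an explicit `return 1;` rather than relying on the value of the final assignment. `my ($self) = shift;` works but reads as a list unpack; `my ($self) = @_;` matches the other subs shown in this commit.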
@ -28,31 +28,25 @@ sub confirm {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub modifyPassword {
|
sub modifyPassword {
|
||||||
my ( $self, $req, $pwd ) = @_;
|
my ( $self, $req, $pwd, $useMail ) = @_;
|
||||||
my $dn;
|
my $dn;
|
||||||
my $requireOldPassword;
|
my $requireOldPassword;
|
||||||
my $rule = $self->p->HANDLER->buildSub(
|
|
||||||
$self->p->HANDLER->substitute(
|
|
||||||
$self->conf->{portalRequireOldPassword}
|
|
||||||
)
|
|
||||||
);
|
|
||||||
unless ($rule) {
|
|
||||||
my $error = $self->p->HANDLER->tsv->{jail}->error || '???';
|
|
||||||
}
|
|
||||||
if ( $req->data->{dn} ) {
|
if ( $req->data->{dn} ) {
|
||||||
$dn = $req->data->{dn};
|
$dn = $req->data->{dn};
|
||||||
$requireOldPassword = $rule->( $req, $req->userData );
|
$requireOldPassword = $self->requireOldPwdRule->( $req, $req->userData );
|
||||||
$self->logger->debug("Get DN from request data: $dn");
|
$self->logger->debug("Get DN from request data: $dn");
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$dn = $req->sessionInfo->{_dn};
|
$dn = $req->sessionInfo->{_dn};
|
||||||
$requireOldPassword = $rule->( $req, $req->sessionInfo );
|
$requireOldPassword = $self->requireOldPwdRule->( $req, $req->sessionInfo );
|
||||||
$self->logger->debug("Get DN from session data: $dn");
|
$self->logger->debug("Get DN from session data: $dn");
|
||||||
}
|
}
|
||||||
unless ($dn) {
|
unless ($dn) {
|
||||||
$self->logger->error('"dn" is not set, aborting password modification');
|
$self->logger->error('"dn" is not set, aborting password modification');
|
||||||
return PE_ERROR;
|
return PE_ERROR;
|
||||||
}
|
}
|
||||||
|
$requireOldPassword = 0 if $useMail;
|
||||||
|
|
||||||
# Ensure connection is valid
|
# Ensure connection is valid
|
||||||
$self->bind;
|
$self->bind;
|
||||||
|
|
|
@ -473,16 +473,11 @@ sub changePwd {
|
||||||
return $cpq;
|
return $cpq;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Modify the password TODO: change this
|
|
||||||
# Populate $req->{user} for logging purpose
|
|
||||||
my $tmp = $self->conf->{portalRequireOldPassword};
|
|
||||||
$self->conf->{portalRequireOldPassword} = 0;
|
|
||||||
$req->user( $req->{sessionInfo}->{_user} );
|
$req->user( $req->{sessionInfo}->{_user} );
|
||||||
my $result =
|
my $result =
|
||||||
$self->p->_passwordDB->modifyPassword( $req,
|
$self->p->_passwordDB->modifyPassword( $req,
|
||||||
$req->data->{newpassword}, 1 );
|
$req->data->{newpassword}, 1 );
|
||||||
$req->{user} = undef;
|
$req->{user} = undef;
|
||||||
$self->conf->{portalRequireOldPassword} = $tmp;
|
|
||||||
|
|
||||||
# Mail token can be used only one time, delete the session if all is ok
|
# Mail token can be used only one time, delete the session if all is ok
|
||||||
unless ( $result == PE_PASSWORD_OK or $result == PE_OK ) {
|
unless ( $result == PE_PASSWORD_OK or $result == PE_OK ) {
|
||||||
|
|
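Review bot: The bare `1` passed as the fourth argument to `modifyPassword` is now the only thing that disables the old-password check for a mail reset, and only two `modifyPassword` implementations are updated in this commit to read it. Any other password backend that still unpacks `( $self, $req, $pwd )` would apply `portalRequireOldPassword` again now that the temporary `conf` override is gone, so those backends are worth checking. Name the flag at the call site, e.g. with a trailing `# useMail: reset token already validated`, and restore `# Populate $req->{user} for logging purpose` above `$req->user(...)`, which was deleted together with the workaround. `changePwd` starts and ends outside the hunk.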